Omentir

Agent API Outreach: How to Integrate REST Endpoints for Sales

Learn how to build custom outbound sales integrations. Master raw REST API endpoints, token authentication, lead ingestion, and reply hooks.

Vansh Yadav
Vansh Yadav
March 24, 2026
Agent API outreach and B2B REST endpoint integration graphic

Modern B2B growth teams rarely rely on single tools. They build custom setups that combine prospecting databases, data clean utilities, and CRMs. While standard user interfaces work for simple campaigns, scaling teams require programmatic access to their outbound stack.

If your sales development reps must manually move between dashboards, check readiness by hand, and copy results into status reports, your pipeline is leaking efficiency. You need an API-first approach that lets trusted internal systems read workspace context, create discovery agents, stage campaigns, run safety checks, and inspect replies.

Redesigning your team around agent API outreach is the solution. By exposing raw REST endpoints under /api/agent/v1, Omentir allows developers and agent builders to inspect context, update product profiles, create discovery agents, list leads, create campaigns, run automation dry-runs, and review conversations programmatically.

This REST-focused integration pathway complements the platform's hosted Model Context Protocol server. While the MCP server is designed for direct LLM execution, the REST endpoints are optimized for traditional scripts, as outlined in our guide on configuring hosted MCP tools. Let's look at how to build an integration.

The safest way to use the API is not to jump straight to campaign creation. Treat the API like an operating workflow. First read the workspace state. Then confirm the product profile. Then create or inspect discovery agents. Then review leads. Then create a draft campaign. Then run a dry-run readiness check before activating anything live.

A good integration should follow the same safety logic a careful operator would follow in the product. Do not let a script create campaigns blindly just because the endpoint is available.

Use this order:

  • Read context: Call GET /api/agent/v1/context to confirm workspace readiness, LinkedIn connection state, resource counts, and available API paths.
  • Confirm product profile: Read or update /api/agent/v1/product-profile so lead discovery and messaging are grounded in the real ICP.
  • Create or inspect agents: Use /api/agent/v1/agents to manage discovery agents that find ICP-fit leads.
  • Review leads: Use GET /api/agent/v1/leads with optional filters such as group ID and limit to inspect discovered prospects.
  • Create campaigns: Use /api/agent/v1/campaigns to stage a draft or active sequence with explicit steps.
  • Dry-run automation: Call /api/agent/v1/automation/dry-run before relying on live execution.
  • Monitor conversations: Use GET /api/agent/v1/conversations to review replies and hand off warm threads.

This sequence protects the workspace from the most common integration mistake: creating execution before context is correct.

Authenticating API Clients with Bearer Tokens

Security is critical when building custom integrations. Omentir protects your workspace by enforcing token authorization boundaries on all REST endpoints.

To authorize your client, generate a secure token in Settings → AI Agents. Pass this token in the Authorization header of every request:

GET /api/agent/v1/context
Authorization: Bearer <your_omentir_agent_token>

Tokens are scoped to single workspaces, preventing external clients from accessing billing or raw credentials.

Treat the token like a production secret. Store it in a server-side environment variable, not a browser bundle, spreadsheet, or client-side automation. If your integration runs in a worker, serverless function, or internal backend, load the token at runtime and keep logs from printing headers.

Build a small credential checklist:

  • Use one token per workspace or customer context.
  • Rotate tokens when a contractor, tool, or environment no longer needs access.
  • Fail closed when the token is missing instead of retrying unauthenticated requests.
  • Log request IDs and endpoint names, but never log the bearer token itself.

API Security Rule: Restrict Keys 💡

Never hardcode agent tokens in client-side Javascript. Always store keys in environment variables on your backend or serverless functions to prevent leak risks.

Creating Discovery Agents and Reading Leads

In the current agent API flow, leads come from Omentir discovery agents. Your integration creates or manages the agent, then reads the resulting lead list. This keeps discovery tied to the workspace product profile and campaign groups rather than letting arbitrary scripts dump unreviewed records into the send queue.

A discovery agent can be created with filters, signals, or a plain-language prompt. The route validates payload shape server-side, so your client should treat validation errors as useful feedback rather than generic failures.

POST /api/agent/v1/agents
Authorization: Bearer <your_omentir_agent_token>

{
  "groupName": "Founder-led SaaS outbound",
  "mode": "signals",
  "signalSources": {
    "competitorUrls": [],
    "founderUrls": [],
    "keywords": ["hiring SDR", "founder-led sales", "LinkedIn prospecting"]
  }
}

After discovery runs, list leads instead of assuming ingestion succeeded:

GET /api/agent/v1/leads?groupId=<group_id>&limit=100
Authorization: Bearer <your_omentir_agent_token>

The distinction matters. A list endpoint is for inspection, reporting, and downstream campaign selection. A create endpoint is for changing state. When you build with the API, read the live OpenAPI schema before assuming which routes mutate data.

For details on structuring variables, check our article on integrating autonomous sales agents.

Controlling Campaigns and Sequence Scheduling

Use campaign endpoints to manage outbound pacing programmatically. You can create sequences, update follow-up wait times, or add custom assets to target lead groups.

These controls allow your custom scripts to pause or resume sequences based on external events, such as syncing data from databases like Apollo.io or trackers like Clay.

Campaign creation should be explicit. The payload needs a name, a target group, a status, and a step list. Start with status: "draft" unless your integration has already passed a readiness check and the customer expects live activation.

POST /api/agent/v1/campaigns
Authorization: Bearer <your_omentir_agent_token>

{
  "name": "Founder-led SaaS lead quality test",
  "groupId": "<lead_group_id>",
  "status": "draft",
  "steps": [
    {
      "id": "connect-1",
      "type": "connect",
      "includeNote": true,
      "noteTemplate": "Saw your team is hiring outbound roles. Would be glad to connect."
    },
    { "id": "wait-1", "type": "wait", "delayMinutes": 2880 },
    {
      "id": "message-1",
      "type": "message",
      "messageTemplate": "Curious how you are handling lead quality before adding volume?"
    }
  ]
}

Keep templates restrained. API access makes it easy to generate many campaigns quickly, but the same copy rules apply: use verified context, avoid unsupported claims, and keep human review available before launch.

Monitoring incoming Reply Events and Intent Webhooks

To automate CRM status syncs, configure webhooks to listen to reply signals. When a prospect replies, Omentir sends a payload containing the thread content and intent classification.

This webhook payload allows your backend to create tasks inside CRMs (like HubSpot) instantly. For integration blueprints, check out our guide on MCP social selling sequence structures.

If you are not using webhooks, polling GET /api/agent/v1/conversations?limit=50 can still support a practical handoff workflow. Keep the polling interval measured, store the last seen conversation ID or timestamp, and avoid turning every reply into the same automated response.

Replies are where automation should slow down. A positive reply, objection, referral, or question deserves context-aware handling. Use the API to surface the thread quickly, assign the owner, and preserve the lead history. Let a human decide the final message when the buyer shows real intent.

Error Handling and Idempotency

Production integrations fail in boring ways: expired tokens, malformed payloads, missing LinkedIn connections, empty lead groups, duplicate retries, and campaigns launched before setup is complete. Build for those cases from the beginning.

Use status codes and response bodies as control flow. A validation error means the payload should be fixed. A readiness error means the workspace is not prepared for the action. A missing lead group should stop campaign creation rather than falling back to a random group.

Idempotency matters when scripts retry. Before creating a new agent or campaign, list existing resources and check whether the intended resource already exists. Store the created resource IDs in your own system. If a network timeout happens after a successful creation, your next run should reconcile rather than create duplicates.

Pacing Campaign Activity Safely to Stay Compliant

LinkedIn monitors both the volume and speed of connection requests and messages. If you send too many invites in a short period, your profile will be restricted.

To protect your account, configure campaigns around conservative daily safety limits and avoid sudden spikes. Omentir coordinates outgoing messages through human-paced queues, but your integration should still avoid creating large live campaigns before a dry-run and review step.

Add a hard rule to your integration: external systems may create drafts freely, but live activation requires a readiness check and a deliberate status choice. This keeps engineering convenience from bypassing sales safety.

SOP: The B2B Outbound API Integration Checklist

Follow this simple SOP to configure and audit your API integrations daily:

  • Verify Token: Confirm your bearer token is valid and passed in headers.
  • Read Context: Confirm product profile, LinkedIn connection, and resource counts before creating anything.
  • Audit Discovery: Verify that agents are returning leads that match the ICP and lead group.
  • Test Reply Sync: Poll conversations or test webhooks to ensure reply events route to your backend properly.
  • Enable Draft Mode: Set campaigns to default to drafts, waiting for human approval.
  • Run Dry-Run: Use the automation dry-run endpoint before live activation.
  • Check Pacing Quotas: Confirm daily connection rates remain conservative and paced.

Keep a short runbook for incident recovery. If a token is revoked, stop all jobs and alert the workspace owner. If a campaign creation fails, do not retry indefinitely. If reply sync fails, pause automation that depends on reply state so prospects do not receive tone-deaf follow-ups.

Unlocking Maximum Pipeline Leverage

Integrating custom campaigns via REST APIs is the most reliable way to scale sales without diluting relevance. By automating lead ingestion and reply routing, you can build a highly leveraged GTM engine.

The best API integrations do not bypass judgment. They make the right checks easier: read context, ground the product profile, inspect leads, draft campaigns, dry-run readiness, and hand warm replies to a human. Let Omentir power your connection stack through REST endpoints, review drafts daily, and launch safe, paced sequences that turn warm LinkedIn leads into customer conversations.

Frequently Asked Questions

What is the difference between Omentir's MCP server and the REST API?

The Model Context Protocol (MCP) server provides machine-readable tool schemas for LLM agents to run directly. The REST API provides raw HTTP endpoints (under /api/agent/v1) for growth engineers to build custom scripts and CRM integrations.

How do I authenticate requests to Omentir's REST endpoints?

Generate an API key in Settings → AI Agents, and pass it in the Authorization Bearer header of every HTTP request.

Can I push leads from my scraper directly to Omentir's campaign queue?

The current agent API flow is built around creating discovery agents, listing discovered leads, and launching campaigns against lead groups. Use the OpenAPI schema at /api/agent/v1/openapi.json as the source of truth before wiring a custom ingestion path.

What happens if my script pushes duplicate profiles?

For the current public agent endpoints, design your integration around idempotent reads, stable campaign/group IDs, and dry-run checks. Do not assume an ingestion or deduplication behavior unless it appears in the live OpenAPI schema.